Your submission was sent successfully! Close

USN-1022-1: APR-util vulnerability

25 November 2010




It was discovered that APR-util did not properly handle memory when
destroying APR buckets. An attacker could exploit this and cause a denial
of service via memory exhaustion.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 9.10
Ubuntu 8.04
Ubuntu 10.10
Ubuntu 10.04

After a standard system update you need to restart any applications using
APR-util, such as Subversion and Apache, to make all the necessary changes.


Related notices

  • USN-1021-1: apache2, apache2.2-common, apache2-common